On Sun, May 28, 2000 at 07:37:11AM +0000, ktb wrote:
> kmself@ix.netcom.com wrote:
> >
> > On Sat, May 27, 2000 at 10:15:45PM +0000, ktb wrote:
> > > I there any way to configure Slink to boot directly into a 'regular
> > > user' account without entering user name or password? In other words
> > > boot directly into a '$' prompt but requiring a password for root. I'm
> > > using shadow passwords.
> > > Thanks,
> > > kent
> >
> > Yes, but it's an unspeakably evil and twisted thing to do, if it
> > involves bypassing password protections on the user account.
> >
> > Let's put it this way: I can think of several ways you might do this,
> > but I'd be far more comfortable knowing what it is you're trying to
> > accomplish, and whether or not you're aware of alternatives or the
> > potential downside implications, before I provide any advice.
[Note: quoting style -- newest to bottom is common with Linux. Tends
to reduce quotation as respondant has to actually scroll to bottom of
post. In any event, once a quoting style has been adopted, it's
considered preferable to continue appending to *either* bottom or top of
post, but not both ends.
> So it has finally happened, I have become 'evil and twisted' it must be
> the radiation emanating off these three computer screens;) I am simply
> lazy and tiered of logging in on my personal computers.
My current session's been up for something near a month:
4:10pm up 39 days, 14:20, 19 users, load average: 2.13, 2.58, 2.67
...OTOH, if I leave monitor for more than a couple of minutes, a
password-protected screensaver cuts in. Among other things, keeps my
cat's walking on the keyboard from doing anything nasty. Securing
systems is generally a good thing.
> Also in
> learning how to 'remove the logging in process' I would learn more about
> using Linux. If you would help me out with this I would appreciate it.
> Feel free to expound upon 'alternatives and potential downsides' to
> configuring an account this way as I'm always eager to learn more.
The problem with disabling password protection entirely is that you then
open your system up to anyone who knows your IP and username. You've
removed all authentication. So you don't want a null password for *any*
account on *any* system connected to *any* network, *ever*. Period.
What happens when you do log in is that you're either at a text screen
(console) or graphical one (GUI), with a username and password prompt.
A program is running whose one sole task in life is to find out who you
are and whether you belong here. Usually mingetty or getty (console),
or an X display manager (xdm, wdm, gdm, kdm, etc.dm), for X. These are
spawned by either /etc/inittab or an rc.d script such as
/etc/rc5.d/S99wdm. If you want to provide *local only* unsecured
access to your system, you could tweak your box to launch a shell to a
virtual console, or to launch an X session under a user's ID. The
utility of this is questionable, and again, potential problems serious.
You're bypassing something which really is there to protect you.
--
Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself
Evangelist, Opensales, Inc. http://www.opensales.org
What part of "Gestalt" don't you understand? Debian GNU/Linux rocks!
http://gestalt-system.sourceforge.net/ K5: http://www.kuro5hin.org
GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0
Attachment:
pgpq4Nxa7KzZ0.pgp
Description: PGP signature